- // the mode is being turned on - so attempt to
- // allocate the user a cloaked host using a non-reversible
- // algorithm (its simple, but its non-reversible so the
- // simplicity doesnt really matter). This algorithm
- // will not work if the user has only one level of domain
- // naming in their hostname (e.g. if they are on a lan or
- // are connecting via localhost) -- this doesnt matter much.
- if (strchr(dest->host,'.'))
- {
- // in inspircd users have two hostnames. A displayed
- // hostname which can be modified by modules (e.g.
- // to create vhosts, implement chghost, etc) and a
- // 'real' hostname which you shouldnt write to.
- std::string a = strstr(dest->host,".");
- char ra[64];
- long seed,s2;
- memcpy(&seed,dest->host,sizeof(long));
- memcpy(&s2,a.c_str(),sizeof(long));
- sprintf(ra,"%.8X",seed*s2*strlen(dest->host));
- std::string b = Srv->GetNetworkName() + "-" + ra + a;
- Srv->Log(DEBUG,"cloak: allocated "+b);
- Srv->ChangeHost(dest,b);
- }
+ splitdot = x;
+ dots++;
+ }
+ if (dots >= 3)
+ break;
+ }
+
+ if (splitdot == host.length())
+ return "";
+ else
+ return host.substr(splitdot);
+ }
+
+ /**
+ * 2.0-style cloaking function
+ * @param item The item to cloak (part of an IP or hostname)
+ * @param id A unique ID for this type of item (to make it unique if the item matches)
+ * @param len The length of the output. Maximum for MD5 is 16 characters.
+ */
+ std::string SegmentCloak(const std::string& item, char id, int len)
+ {
+ std::string input;
+ input.reserve(key.length() + 3 + item.length());
+ input.append(1, id);
+ input.append(key);
+ input.append(1, '\0'); // null does not terminate a C++ string
+ input.append(item);
+
+ std::string rv = Hash->GenerateRaw(input).substr(0,len);
+ for(int i=0; i < len; i++)
+ {
+ // this discards 3 bits per byte. We have an
+ // overabundance of bits in the hash output, doesn't
+ // matter which ones we are discarding.
+ rv[i] = base32[rv[i] & 0x1F];
+ }
+ return rv;
+ }
+
+ std::string SegmentIP(const irc::sockets::sockaddrs& ip, bool full)
+ {
+ std::string bindata;
+ int hop1, hop2, hop3;
+ int len1, len2;
+ std::string rv;
+ if (ip.sa.sa_family == AF_INET6)
+ {
+ bindata = std::string((const char*)ip.in6.sin6_addr.s6_addr, 16);
+ hop1 = 8;
+ hop2 = 6;
+ hop3 = 4;
+ len1 = 6;
+ len2 = 4;
+ // pfx s1.s2.s3. (xxxx.xxxx or s4) sfx
+ // 6 4 4 9/6
+ rv.reserve(prefix.length() + 26 + suffix.length());
+ }
+ else
+ {
+ bindata = std::string((const char*)&ip.in4.sin_addr, 4);
+ hop1 = 3;
+ hop2 = 0;
+ hop3 = 2;
+ len1 = len2 = 3;
+ // pfx s1.s2. (xxx.xxx or s3) sfx
+ rv.reserve(prefix.length() + 15 + suffix.length());
+ }
+
+ rv.append(prefix);
+ rv.append(SegmentCloak(bindata, 10, len1));
+ rv.append(1, '.');
+ bindata.erase(hop1);
+ rv.append(SegmentCloak(bindata, 11, len2));
+ if (hop2)
+ {
+ rv.append(1, '.');
+ bindata.erase(hop2);
+ rv.append(SegmentCloak(bindata, 12, len2));
+ }
+
+ if (full)
+ {
+ rv.append(1, '.');
+ bindata.erase(hop3);
+ rv.append(SegmentCloak(bindata, 13, 6));
+ rv.append(suffix);
+ }
+ else
+ {
+ if (ip.sa.sa_family == AF_INET6)
+ {
+ rv.append(InspIRCd::Format(".%02x%02x.%02x%02x%s",
+ ip.in6.sin6_addr.s6_addr[2], ip.in6.sin6_addr.s6_addr[3],
+ ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1], suffix.c_str()));